Worker Configuration IAM Role Permissions

When creating a new worker configuration, you specify an IAM role whose permissions will be used to list network settings available in AWS Regions of production AWS accounts. The specified IAM role must be granted the following permissions:

{

"Version": "2012-10-17",

"Statement": [

{

"Action": [

"ec2:DescribeAvailabilityZones",

"ec2:DescribeVpcs",

"ec2:DescribeRegions",

"ec2:DescribeAccountAttributes",

"ec2:DescribeSubnets",

"ec2:DescribeSecurityGroups"

"Resource": "*",

"Effect": "Allow"

}

]

}